$SAFE doesn't work as specified?

Bertram Scharpf

Hi,

the Chapter "Locking Ruby in the Safe" says this should
work:

fn = 'dummy.rb'
File.open fn, 'w' do |f|
  f.puts 'puts "hello"'
end
Thread.start {
  $SAFE = 4
  load fn, true
}.join

I get an error:

in `load': Insecure operation `load' at level 4 (SecurityError)

Why?

Thanks in advance.

Bertram
 
Assaph Mehr

> the Chapter "Locking Ruby in the Safe" says this should
> work:
>
> fn = 'dummy.rb'
> File.open fn, 'w' do |f|
>   f.puts 'puts "hello"'
> end
> Thread.start {
>   $SAFE = 4
>   load fn, true
> }.join
>
> I get an error:
>
> in `load': Insecure operation `load' at level 4 (SecurityError)
>
> Why?

This is the expected behaviour: inside the thread you create you set
the $SAFE level to 4, meaning that from here on within the thread you
can't access variables from outside the thread scope. What you can do
is either hardcode the file name in the #load or pass an argument to
the thread:

| Thread.start(File.expand_path(fn)) { |fn|
|   $SAFE = 4
|   load fn, true
| }.join

The expand_path is because you cannot load a relative path when in
$SAFE >= 2.
Notice that your 'dummy.rb' file contains a call to Kernel#puts, which
is also not allowed. Try it with:

| File.open fn, 'w' do |f|
|   f.puts 'raise "hello"'
| end

HTH,
Assaph
 
Bertram Scharpf

Hi Assaph,

On Tuesday, 01 Feb 2005, 06:50:45 +0900, Assaph Mehr wrote:
> This is the expected behaviour: inside the thread you create you set
> the $SAFE level to 4, meaning that from here on within the thread you
> can't access variables from outside the thread scope. What you can do
> is either hardcode the file name in the #load or pass an argument to
> the thread:
>
> | Thread.start(File.expand_path(fn)) { |fn|
> |   $SAFE = 4
> |   load fn, true
> | }.join
>
> The expand_path is because you cannot load a relative path when in
> $SAFE >= 2.

Thank you very much for your detailed answer. I'm afraid to
say the program still doesn't work:

$ cat safe.rb
fn = 'dummy.rb'
File.open fn, 'w' do |f|
  f.puts 'raise "hello"'
end
Thread.start( File.expand_path( fn)) do |fn|
  $SAFE = 4
  load fn, true
end.join

$ ruby safe.rb
safe.rb:7:in `load': Insecure operation - load (SecurityError)
        from safe.rb:5:in `join'
        from safe.rb:5
$

All I wanted to do is run the thread in its own environment.
I will use fork.

Bertram
 
Assaph Mehr

> Thank you very much for your detailed answer. I'm afraid to
> say the program still doesn't work:
>
> $ cat safe.rb
> fn = 'dummy.rb'
> File.open fn, 'w' do |f|
>   f.puts 'raise "hello"'
> end
> Thread.start( File.expand_path( fn)) do |fn|
>   $SAFE = 4
>   load fn, true
> end.join
>
> $ ruby safe.rb
> safe.rb:7:in `load': Insecure operation - load (SecurityError)
>         from safe.rb:5:in `join'
>         from safe.rb:5
> $

Works fine for me: ruby 1.8.2 (2004-11-06) [i386-mswin32]

> All I wanted to do is run the thread in its own environment.
> I will use fork.

.... from which I understand you're on *nix, right? I think 'load' will
not access files from globally writable locations on unix. This is done
intentionally to prevent loading of non-secure files. Since you write
the file locally, it might be considered unsafe.

HTH,
Assaph
 
Bertram Scharpf

On Wednesday, 02 Feb 2005, 06:35:44 +0900, Assaph Mehr wrote:
> > $SAFE = 4
> > load fn, true
>
> Works fine for me: ruby 1.8.2 (2004-11-06) [i386-mswin32]
>
> > All I wanted to do is run the thread in its own environment.
> > I will use fork.
>
> .... from which I understand you're on *nix, right?

Yes, Linux.

> I think 'load' will
> not access files from globally writable locations on unix. This is done
> intentionally to prevent loading of non-secure files. Since you write
> the file locally, it might be considered unsafe.

I switched off every writeable flag I could find. The error
stays the same.

Thank you very much, anyway.

Bertram
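
The fork approach mentioned in the thread, as an added example that is not code from any poster: the child process calls `load fn, true` and reports the outcome over a pipe, so the loaded file's globals, constants, exceptions and hangs stay out of the parent. `load_in_child`, `demo` and the sample file names are hypothetical; fork separates interpreter state only and does not restrict what the loaded code may do the way $SAFE was meant to.

```ruby
require 'tmpdir'

# Run `load` in a forked child and report the outcome to the parent over a pipe.
# Returns [:ok, nil], [:raised, "Class: message"], [:died, code] or [:timeout, nil].
def load_in_child(path, wall_seconds: 5)
  reader, writer = IO.pipe
  pid = fork do
    reader.close
    $stdout.reopen(File::NULL, 'w')   # discard whatever the loaded file prints
    begin
      load path, true                 # true: top level runs inside an anonymous module
      writer.write('ok')
    rescue Exception => e             # includes SystemExit, so a plain `exit` is reported
      writer.write("raised #{e.class}: #{e.message}")
    end
    writer.close
    exit!(0)                          # leave without running inherited at_exit hooks
  end
  writer.close
  unless IO.select([reader], nil, nil, wall_seconds)
    Process.kill('KILL', pid)         # no report in time: stop the child
    Process.wait(pid)
    return [:timeout, nil]
  end
  report = reader.read
  _, status = Process.wait2(pid)
  case report
  when 'ok'              then [:ok, nil]
  when /\Araised (.*)/m  then [:raised, $1]
  else [:died, status.termsig || status.exitstatus]  # child vanished without reporting
  end
ensure
  reader&.close
end

# Constructed sample files (hypothetical names), written to a temporary directory.
def demo
  samples = { 'quiet.rb'  => "$leak = :child\nLEAKED = 1\nputs 'hello'\n",
              'raises.rb' => "raise 'hello'\n",
              'spins.rb'  => "loop { }\n" }
  Dir.mktmpdir do |dir|
    samples.to_h do |name, source|
      File.write(path = File.join(dir, name), source)
      [name, load_in_child(path, wall_seconds: 2)]
    end
  end
end

p demo if __FILE__ == $0
```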
 
